NIST 800-53 IA-11 Mappings

In addition to the re-authentication requirements associated with device locks, organizations may require re-authentication of individuals in certain situations, including when roles, authenticators or credentials change, when security categories of systems change, when the execution of privileged functions occurs, after a fixed time period, or periodically.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
IA-11 Re-authentication Protects T1110.001 Password Guessing
IA-11 Re-authentication Protects T1110.002 Password Cracking
IA-11 Re-authentication Protects T1110.003 Password Spraying
IA-11 Re-authentication Protects T1110.004 Credential Stuffing
IA-11 Re-authentication Protects T1556.006 Multi-Factor Authentication
IA-11 Re-authentication Protects T1556.007 Hybrid Identity
IA-11 Re-authentication Protects T1110 Brute Force